中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 20/100
上次扫描:1 天前 重新扫描
20 /100
claw-skill-nest-client
Local Claw Skill Nest client for listing, uploading, installing, and updating skills
Legitimate local skill repository client with minor hardcoded credential fallback and necessary shell execution for archive extraction.
技能名称claw-skill-nest-client
分析耗时29.5s
引擎pi
可以安装
Remove the hardcoded default API key fallback and require SKILLHUB_API_KEY to be explicitly set. Consider pinning the unzip dependency or using a pure-JS archive library.

安全发现 2 项

严重性 安全发现 位置
中危
Hardcoded default API key 凭证窃取
The script uses a hardcoded fallback API key 'claw-skill-nest-secret-key' if SKILLHUB_API_KEY environment variable is not set. This is a weak default credential that could be exploited in certain scenarios.
const SKILLHUB_API_KEY = process.env.SKILLHUB_API_KEY ?? 'claw-skill-nest-secret-key';
→ Remove the hardcoded fallback and require the API key to be explicitly set via environment variable. Fail with a clear error if not configured.
 scripts/manage_local_claw_skill_nest.ts:17
低危
Undeclared shell execution for extraction 权限提升
The extractZip() function uses subprocess (spawn) to execute unzip or PowerShell commands for archive extraction. This shell:WRITE capability is not declared in SKILL.md.
await run('unzip', ['-o', archivePath, '-d', targetDir]);
→ Document the shell execution requirement in SKILL.md or consider using a pure-JS archive library like 'adm-zip' to avoid subprocess dependency.
 scripts/manage_local_claw_skill_nest.ts:73
资源类型声明权限推断权限状态证据
文件系统 WRITE WRITE ✓ 一致 Uses mkdir, mkdtemp, writeFile, copyFile to install to ~/.openclaw/workspace/ski…
网络访问 READ READ ✓ 一致 GET/POST requests to SKILLHUB_URL for list, upload, download operations
命令执行 NONE WRITE ✓ 一致 extractZip() uses spawn() for unzip and PowerShell - necessary but undeclared

目录结构

2 文件 · 8.2 KB · 247 行
TypeScript 1f · 185L Markdown 1f · 62L
├─ 📁 scripts
│ └─ 📜 manage_local_claw_skill_nest.ts TypeScript 185L · 5.8 KB
└─ 📝 SKILL.md Markdown 62L · 2.4 KB

安全亮点

✓ Documentation accurately describes the skill's functionality
✓ Uses temporary directory for downloaded files before extraction
✓ Properly validates file extensions (.skill, .zip) for upload
✓ No base64 encoding or obfuscation detected
✓ No credential harvesting or data exfiltration behavior
✓ API key is used only for authentication to the configured server
✓ File operations are scoped to skill installation directory
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files